/**
 * SpringMVC restful 风格
 * 登陆页面控制器，控制关于登陆页面的一些业务逻辑操作
 * @author WangXinLei
 * @date 2014-12-03
 */
package com.chnbst.bstyun.controller.admin;

import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;
import com.chnbst.bstyun.core.common.DESUtil;
import com.chnbst.bstyun.core.common.SignUtil;
import com.chnbst.bstyun.model.pojo.AdminUser;
import com.chnbst.bstyun.service.AdminUserService;

@Controller
@RequestMapping("/loginAdmin")
public class LoginController {
	/**
	 * 注入 业务逻辑层
	 */
	@Autowired
	private AdminUserService adminUserService;
	/**
	 * @return 登陆页面
	 * @throws Exception
	 */
	@RequestMapping(value="",method=RequestMethod.GET)
	public ModelAndView login(HttpServletRequest request)throws Exception{
		String returnUrl =  request.getParameter("returnUrl");
		ModelAndView mav = new ModelAndView();
		mav.addObject("returnUrl", returnUrl);
		mav.setViewName("admin/login");
		return mav;
	}
	
	/**
	 * @return 登陆校验
	 * @throws Exception
	 */
	@RequestMapping(value="/loginCheck",method=RequestMethod.POST)
	@ResponseBody
	public Map<String, Object> loginCheck(String adminName,String password,HttpServletRequest request)throws Exception{
		String isSuccess = "ok";
		Map<String, Object> resultMap = new HashMap<String, Object>();
		AdminUser adminUser = adminUserService.selectByName(adminName);
		if(adminUser != null){
			if(adminUser.getState() == 1){
				String pwd = DESUtil.encrypt(password);
				if(!adminUser.getAdminPassword().equals(pwd) && !adminUser.getAdminPassword().equals(password)){
					//密码错误
					isSuccess = "密码错误！";
				}
			}else{
				//用户无效
				isSuccess = "用户无效！";
			}
		}else{
			//用户不存在
			isSuccess = "用户不存在！";
		}
		resultMap.put("isSuccess", isSuccess);
		return resultMap;
	}
	
	/**
	 * @return 登陆成功跳转页面
	 * @throws Exception
	 */
	@RequestMapping(value="/doLogin",method=RequestMethod.POST)
	public ModelAndView doLogin(HttpServletRequest request)throws Exception{
		String adminName = request.getParameter("adminName");
		String password = request.getParameter("adminPassword");
		String returnUrl = request.getParameter("returnUrl");
		AdminUser adminUser = adminUserService.selectByName(adminName);
		
		String url = "/loginAdmin";
		if(SignUtil.isNotEmpty(returnUrl)) {
			url += "?returnUrl="+returnUrl;
		}
		
		if(adminUser != null){
			if(adminUser.getState() == 1){
				String pwd = DESUtil.encrypt(password);
				if(adminUser.getAdminPassword().equals(pwd) || adminUser.getAdminPassword().equals(password)) {
					String roleId = adminUser.getRoleId();
					if(SignUtil.isNotEmpty(returnUrl)) {
						url = returnUrl;
					}else {
						if(roleId.equals("FINANCE")) {
							url = "/sysAdmin/accountMoney/accountMoneyList";
						}else if(roleId.equals("PUBLISHER")){
							url = "/sysAdmin/goodsTypeAdmin/goodsSort";
						}else {
							url = "/sysAdmin/userAdmin/userList";
						}
					}
					request.getSession().setAttribute("adminUser", adminUser);
				}
			}
		}
		
		return new ModelAndView("redirect:" + url);
	}
	
	/**
	 * @return 检验密码是否正确
	 * @throws Exception
	 */
	@RequestMapping(value="/operate/checkPwd",method=RequestMethod.POST)
	@ResponseBody
	public Map<String, Object> checkPwd(String oldPwd,HttpServletRequest request)throws Exception{
		
		boolean isOk = false;
		
		AdminUser adminUser = (AdminUser) request.getSession().getAttribute("adminUser");
		String pwd = DESUtil.encrypt(oldPwd);
		
		if(adminUser.getAdminPassword().equals(pwd) || adminUser.getAdminPassword().equals(oldPwd)){
			isOk = true;
		}
		
		Map<String, Object> resultMap = new HashMap<String, Object>();
		resultMap.put("isOk",isOk);
		return resultMap;
	}
	
	/**
	 * @return 更新密码
	 * @throws Exception
	 */
	@RequestMapping(value="/operate/updatePwd",method=RequestMethod.POST)
	@ResponseBody
	public Map<String, Object> updatePwd(String newPwd,String oldPwd,HttpServletRequest request)throws Exception{
		
		boolean isOk = false;
		boolean isRight = false;
		String adminPassword = DESUtil.encrypt(newPwd);
		String pwd = DESUtil.encrypt(oldPwd);
		
		AdminUser adminUser = (AdminUser) request.getSession().getAttribute("adminUser");
		
		
		if(adminUser.getAdminPassword().equals(pwd) || adminUser.getAdminPassword().equals(oldPwd)){
			isRight = true;
		}
		
		if(isRight){
			adminUser.setAdminPassword(adminPassword);
			isOk = adminUserService.updateAdminUser(adminUser);
		}
		
		Map<String, Object> resultMap = new HashMap<String, Object>();
		resultMap.put("isOk",isOk);
		resultMap.put("isRight",isRight);
		
		return resultMap;
	}
	
	/**
	 * 用户退出
	 * @return 退出并返回到登陆界面
	 * @throws Exception
	 */
	@RequestMapping(value="/userQuit",method=RequestMethod.GET)
	public ModelAndView userQuit(String adminId,HttpServletRequest request)throws Exception{
		request.getSession().setAttribute("adminId", adminId);
		request.getSession().setAttribute("adminUser", null);
		
		return new ModelAndView("redirect:/loginAdmin");
	}
}
